Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
479
Views
0
Helpful
1
Replies

Cisco ASA EAL4 transparent firewall config? Do I need to use MAC filtering?

rzc0v0-chris
Level 1
Level 1

‎03-15-2011 03:39 AM - edited ‎03-11-2019 01:06 PM

I am configuring an ASA5540 firewall for a client, only difference to usual being that it is to run in Transparent mode. I have looked through for an EAL4 transparent firewall config guide but found nothing and therefore assumed that the usual one would be used.

The clients security bod has now come back and insisted MAC filtering should be used but I can find no reference of this anywhere.

Can someone tell if MAC filtering is required to make a transparent box EAL4 compliant and if so where I can find documentation supporting this?

Thanks in advance

Chris

Labels:
0 Helpful
1 Reply 1

rzc0v0-chris
Level 1
Level 1

‎03-15-2011 05:01 AM

Incase anyone runs accross the same question. After an hour or 2 trawling through the EAL4 config guide again I came accross this. So Yes, it is required.

Inspect ARP


To configure the ARP inspection engine, use the arp-inspection command in global configuration mode. ARP inspection is required when a firewall context is operating in transparent mode, to prevent IP spoofing of traffic.

To complete the configuration of ARP inspection the administrator must create static ARP entries for each host protected by the firewall context.

hostname(config)# arp inside 1.2.3.4 0050.abcd.1234
hostname(config)# arp-inspection outside enable
hostname(config)# arp-inspection inside enable

Cheers Chris

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card